Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had a cross-site scripting vulnerability. This vulnerability stemmed from the lack of escaping of client hostname and IP address values in tooltips for web pages and dashboard charts,...

Pi-Hole Adminlte 安全漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had security vulnerabilities. These vulnerabilities stemmed from a reflection-based DOM cross-site scripting vulnerability in the taillog.js library, which could allow unauthenticated...

Pi-Hole Adminlte 跨站脚本漏洞

Pi-Hole Adminlte is a control panel used for collecting more data. Versions of Pi-Hole Adminlte from 6.0 to 6.5 had a cross-site scripting vulnerability. This vulnerability occurred due to the direct insertion of configuration values into HTML attributes without escaping, which could lead to HTML...

CVE-2022-31029

AdminLTE is a Pi-hole Dashboard for stats and configuration. In affected versions inserting code like in the field marked with "Domain to look for" and hitting enter or clicking on any of the buttons will execute the script. The user must be logged in to use this vulnerability. Usually only...

Pi-Hole Adminlte 注入漏洞

Pi-Hole Adminlte is a control panel. It is used for statistics More... An injection vulnerability exists in Pi-Hole Adminlte versions prior to 6.3 that stems from failure to properly clean up input when redirecting requests for files with the .lp extension, which could lead to a CRLF injection...

EUVD-2021-27066

Malware in sbrugna...

EUVD-2021-23073

Malware in sbrugna...

EUVD-2021-26989

Malware in sbrugna...

EUVD-2021-27065

Malware in sbrugna...

EUVD-2022-52722

Malicious code in bioql PyPI...

EUVD-2025-19902

Malicious code in bioql PyPI...

EUVD-2022-28554

Malicious code in bioql PyPI...

EUVD-2023-27710

Malicious code in bioql PyPI...

CVE-2025-34087

An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain string. These commands are executed on the...

CVE-2025-34087

An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain string. These commands are executed on the...

CVE-2025-34087 Pi-Hole AdminLTE Whitelist (now 'Web Allowlist') Remote Command Execution

An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When adding a domain to the allowlist via the web interface, the domain parameter is not properly sanitized, allowing an attacker to append OS commands to the domain string. These commands are executed on the...

CVE-2021-3706

adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag...

CVE-2021-41175

Pi-hole's Web interface based on AdminLTE provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue was patched in version 5.8...

CVE-2021-3812

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...

CVE-2021-3811

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...